Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 22/12/2014
Heure de l'examen: 20:32:59
Fichier journal: rapport mbam.txt
Administrateur: Oui

Version: 2.00.4.1028
Base de données Malveillants: v2014.11.20.06
Base de données Rootkits: v2014.11.18.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 8.1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: aubert et celine

Type d'examen: Examen "Personnalisé"
Résultat: Terminé
Objets analysés: 578681
Temps écoulé: 2 h, 23 min, 14 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux detecté)

Modules: 0
(Aucun élément malicieux detecté)

Clés du Registre: 7
PUP.Optional.InfoTrigger.A, HKLM\SOFTWARE\WOW6432NODE\InfoTrigger, Mis en quarantaine, [29dd05394438171fbb66fb591be8748c],
PUP.Optional.HDVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TheHDvid-Codec V10-nv, Mis en quarantaine, [91756ad4ccb096a0646b094436cd867a],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TotalPlusHD-3.1V05.12-nv, Mis en quarantaine, [7591da64116bb0866160132a649f2ed2],
PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, Mis en quarantaine, [50b639059ce0152149c8fe4d2ad97b85],
PUP.Optional.HDVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TheHDvid-Codec V10, Mis en quarantaine, [36d049f588f4ac8a319f430aa26141bf],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TotalPlusHD-3.1V05.12, Mis en quarantaine, [29dd4bf34c308ea822a051ec788baa56],
PUP.Optional.WinService86.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\winservice86, Mis en quarantaine, [52b476c896e6a98d290045fc5ca75da3],

Valeurs du Registre: 0
(Aucun élément malicieux detecté)

Données du Registre: 4
PUP.Optional.SafeFinder.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}),Remplacé,[0afcc975c9b32b0b40be420163a220e0]
PUP.Optional.SafeFinder.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}),Remplacé,[8086340ac3b9053148b9d173ea1b9b65]
PUP.Optional.SafeFinder.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}),Remplacé,[40c6a09ec0bc74c2e022a1a356af5aa6]
PUP.Optional.SafeFinder.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}, Bon: (www.google.com), Mauvais: (http://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hox1BK-uv0lX5MhStaYFqnCNayTPFFkgJooGvoZGFTqra1-ojRwd4mv0DFiknKmurpoyox_Tqq52zdQb3q8m0s1bBr3ypO4i4svy7VBwPeDtfCAZ1JIum-Vsq13pT6qswmri-R4pmI801bZOIfOKtA02-RJF9YIjtYDg,,&q={searchTerms}),Remplacé,[28ded7672656ad8933d11232aa5b4bb5]

Dossiers: 1
Rogue.Multiple, C:\ProgramData\600440862, Mis en quarantaine, [70963d013c402d09dc2f1edb1de56997],

Fichiers: 53
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer\hdfextsetup.exe.vir, Mis en quarantaine, [f80e94aad8a4a88e7b722bafbd44728e],
PUP.Optional.SmartBar, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe.vir, Mis en quarantaine, [8680201e84f8f046ee64d885f010b14f],
PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptm.exe.vir, Mis en quarantaine, [56b0ca740f6db38398bee776728e649c],
PUP.Optional.VeriStaff, C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srptsl.exe.vir, Mis en quarantaine, [aa5c40feb7c55ed8094a96c7bc44b14f],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\smdmf.dll.vir, Mis en quarantaine, [13f3aa94ceae9c9a8707783848b9827e],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\tbicon.exe.vir, Mis en quarantaine, [bf47b48a7efe47ef43fcf2afdb2618e8],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\Uninstall.exe.vir, Mis en quarantaine, [6f97b38bd7a52115d26e247d48b9a957],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\x64\smdmf.dll.vir, Mis en quarantaine, [8185e45a0f6d280e3b532b8533ce7e82],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir, Mis en quarantaine, [8581b28c83f9ef47610509d62cd5936d],
PUP.Optional.Nova.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TotalPlusHD-3.1V05.12\893c15a5-0a49-4e27-bc7f-b755b25ed571.dll.vir, Mis en quarantaine, [689ee45a2e4ecf678b79b92d08f99f61],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TotalPlusHD-3.1V05.12\0f642111-f191-4567-ba69-d1744f9be5d2-64.exe.vir, Mis en quarantaine, [19ed0d31c4b866d09aa5136ed431817f],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TotalPlusHD-3.1V05.12\TotalPlusHD-3.1V05.12-bg.exe.vir, Mis en quarantaine, [51b5b688d3a92b0b7dc21071986da45c],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\TotalPlusHD-3.1V05.12\TotalPlusHD-3.1V05.12-bho64.dll.vir, Mis en quarantaine, [35d1b6884d2f979fe659a8d921e4748c],
PUP.Optional.WinService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\897f31fd-e192-45ef-b652-7d95e06ec855-12.exe.vir, Mis en quarantaine, [f313ee50a5d757dfdcdc22a8e0215aa6],
PUP.Optional.WinService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\897f31fd-e192-45ef-b652-7d95e06ec855-2.exe.vir, Mis en quarantaine, [64a2a7974a32bf774b6d7159649de917],
PUP.Optional.WinService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\fed58121-5ab7-41e8-aaeb-4a1dd4499d77-12.exe.vir, Mis en quarantaine, [6a9ce15db9c3e94d86325e6c5da4cc34],
PUP.Optional.WinService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\fed58121-5ab7-41e8-aaeb-4a1dd4499d77-2.exe.vir, Mis en quarantaine, [3ec8211d3c4068cebdfba129946dbb45],
PUP.Optional.CrossRider.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\utils.exe.vir, Mis en quarantaine, [cf37340a1a624ceaae52a2b35ea2fa06],
PUP.Optional.WinService.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\winservice86\winservice86-bho64.dll.vir, Mis en quarantaine, [54b2e45a760676c072467159ff02ba46],
PUP.Optional.Delta.A, C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir, Mis en quarantaine, [8f77da645c2043f3e5944dae0cf822de],
PUP.Optional.PayByAds.A, C:\AdwCleaner\Quarantine\C\Users\aubert et celine\AppData\Local\onlysearch\onlysearch\1.3.15.2\res.dll.vir, Mis en quarantaine, [50b6112de8945dd978e2ee94f11460a0],
PUP.Optional.OnlySearch.A, C:\AdwCleaner\Quarantine\C\Users\aubert et celine\AppData\Local\onlysearch\onlysearch\1.3.8.11\onlysearch.exe.vir, Mis en quarantaine, [8b7b6ed01765181ef59eafade31dda26],
PUP.Optional.RegCleanPro, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir, Mis en quarantaine, [da2caa942d4ffc3afe715e59b8494eb2],
PUP.Optional.Nova.A, C:\Program Files (x86)\AGEIA Technologies\505b13d4-98d6-4a43-bc02-1990d0c01e55.dll, Mis en quarantaine, [e62040fe6c108caa956f18cebe43a957],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\hk64tbFR-0.dll, Mis en quarantaine, [e422d06e9ddf57dfa037d4e5758c3fc1],
PUP.Optional.Conduit, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\hk64tbFR-m.dll, Mis en quarantaine, [3ec83e007dff7fb70aaeb8770cf4ed13],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\hktbFR-0.dll, Mis en quarantaine, [30d6c07e7b0158de508714a545bced13],
PUP.Optional.Conduit, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\hktbFR-m.dll, Mis en quarantaine, [7b8bdb6380fce353d6e2fb3416ea758b],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\ldrtbFR-0.dll, Mis en quarantaine, [818588b67a0295a1ffd85d5c7190837d],
PUP.Optional.Conduit, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\ldrtbFR-m.dll, Mis en quarantaine, [55b171cd0577181ed5e33af5649c03fd],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\prxtbFR-0.dll, Mis en quarantaine, [2cdaab930e6e49eda334a514ca37e41c],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\sc64tbFR-0.dll, Mis en quarantaine, [32d4a49ae79565d115c22396d62bde22],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\sctbFR-0.dll, Mis en quarantaine, [82846ed0e993ba7cab2cdddcc73aac54],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\tbFR-0.dll, Mis en quarantaine, [23e3d16d136961d5e9eec8f19c656d93],
PUP.Optional.ClientConnect, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\tbFR-1.dll, Mis en quarantaine, [d63052ecdaa274c2597e249547bac838],
PUP.Optional.Conduit, C:\Users\aubert et celine\AppData\LocalLow\FR-mywebsites.pro\tbFR-m.dll, Mis en quarantaine, [f90ded51b5c7a294cdeb2e01e61ae51b],
PUP.Optional.InfoTrigger.A, C:\Users\aubert et celine\AppData\Roaming\ZHP\Quarantine\infotrigger.DIR\updateInfoTrigger2.exe, Mis en quarantaine, [d036d16d1468e35312153498b74a23dd],
PUP.Optional.InfoTrigger.A, C:\Users\aubert et celine\AppData\Roaming\ZHP\Quarantine\infotrigger.DIR\bin\utilInfoTrigger2.exe, Mis en quarantaine, [13f33b03cdaf8caa1116cefee61be51b],
PUP.Optional.Nova.A, C:\Users\aubert et celine\AppData\Roaming\ZHP\Quarantine\ec5b675a-e9fa-4af9-9cf0-582cb38e8974\9be9dd36-fa21-44b1-9fe4-0903ebd65abe.dll, Mis en quarantaine, [53b36bd325573afc56ae2fb720e1649c],
PUP.Optional.WinService.A, C:\Users\aubert et celine\AppData\Roaming\ZHP\Quarantine\winservice86\fed58121-5ab7-41e8-aaeb-4a1dd4499d77-12.exe, Mis en quarantaine, [df2744fa5f1df640ebcd4486a25fbf41],
PUP.Optional.Bandoo, C:\Users\aubert et celine\Desktop\FILM VINCENT EDF\films vincent\iLividSetupV1.exe, Mis en quarantaine, [0204f74791eb39fd4b9cd1521ee3cb35],
PUP.Optional.ClientConnect, C:\Windows.old\Users\aubert et celine\AppData\Local\Conduit\Community Alerts\Alert.dll, Mis en quarantaine, [0ef8da645f1d71c5b62177423ec3db25],
PUP.Optional.ClientConnect, C:\Windows.old\Users\aubert et celine\AppData\Local\Conduit\CT3232586\FR-mywebsites.proAutoUpdateHelper.exe, Mis en quarantaine, [bc4ac17d0379c3736077ae0b5ba6fd03],
PUP.Optional.ClientConnect, C:\Windows.old\Users\aubert et celine\AppData\Local\Temp\v346667734.877.exe, Mis en quarantaine, [7690aa94e19b0432e0f75069cc35e61a],
PUP.Optional.ClientConnect, C:\Windows.old\Users\aubert et celine\AppData\Local\Temp\FR-mywebsites.pro\nsdAB1E.tbFR-0.dll, Mis en quarantaine, [47bf4af44b3157dffed98732c1407789],
PUP.Optional.OnlySearch.A, C:\Users\aubert et celine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage, Mis en quarantaine, [54b2c975d5a7ea4c6ef136120ef5758b],
PUP.Optional.OnlySearch.A, C:\Users\aubert et celine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.only-search.com_0.localstorage-journal, Mis en quarantaine, [bf47d569b1cb92a4055a6edaf80b0af6],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\05719bba-a182-42d3-9110-570e1a8819a8-12, Mis en quarantaine, [f2142d11b9c3d4621ab5a0aef70cc13f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\897f31fd-e192-45ef-b652-7d95e06ec855-12, Mis en quarantaine, [c83e9ca2b1cbd56105ca3a143ac912ee],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\fed58121-5ab7-41e8-aaeb-4a1dd4499d77-12, Mis en quarantaine, [b74ff549314b3303ede2d07edc27d828],
PUP.Optional.MyStartTB.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystarttb.xml, Mis en quarantaine, [7c8ae5598cf058de3b377cfa5aa933cd],
PUP.Optional.CrossRider.A, C:\Windows\System32\Tasks\dee12337-6ecd-423e-acf0-3d2975f5fa83, Mis en quarantaine, [1de9e856b1cbcc6a49ec9916cc386b95],
Rogue.Multiple, C:\ProgramData\600440862\BITA9C.tmp, Mis en quarantaine, [70963d013c402d09dc2f1edb1de56997],

Secteurs physiques: 0
(Aucun élément malicieux detecté)

(end)