Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 21/05/2015
Heure de l'examen: 20:08:51
Fichier journal: scan.txt
Administrateur: Oui

Version: 2.01.6.1022
Base de données Malveillants: v2015.05.21.03
Base de données Rootkits: v2015.05.16.01
Licence: Gratuit
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Auto-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: vince

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 404568
Temps écoulé: 50 min, 30 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Activé(e)
Heuristique: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(Aucun élément malicieux détecté)

Modules: 0
(Aucun élément malicieux détecté)

Clés du Registre: 10
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{c0b1016f-b7e5-46f0-b415-6bf9e55ab00d}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{9d99fa76-f233-472a-be64-216cb861abbe}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1D2E52D0-C2AE-493E-BA52-2425A042D491}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1D2E52D0-C2AE-493E-BA52-2425A042D491}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1D2E52D0-C2AE-493E-BA52-2425A042D491}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9d99fa76-f233-472a-be64-216cb861abbe}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9d99fa76-f233-472a-be64-216cb861abbe}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.DigitalMore.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C0B1016F-B7E5-46F0-B415-6BF9E55AB00D}, , [a99e3a5c7b0f290d870eea69d42fce32],
PUP.Optional.WinYahoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, , [67e0cec891f91a1cee68409ad72c24dc],
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-1756684970-1190328429-899826993-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, , [f84f4155ccbe26100f46c2186b98857b],

Valeurs du Registre: 4
PUP.Optional.WinYahoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_16&param1=1&param2=fD4%26bDIE%26ccDfr%26paDWinYahoo%26cdD2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtB0Ezy0A0FyCyB0B0BtBtN0D0Tzu0StCtBtDtDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyE0AyE0FyBtCyEtGtDyCzzyCtGyCyB0AtAtGyDyCtBzztGyCtCzztBzz0DyDzy0E0EzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtA0ByByByB0ByCtG0C0F0EyEtGyEyCzytDtG0BtA0DtCtGyByCyCtCyDyD0E0E0AtBtDtC2QtN0A0LzutB%26crD1700130098%26aDwny_clu_15_16%26osDWindows 7 Home Premium&p={searchTerms}, [67e0cec891f91a1cee68409ad72c24dc], %5
PUP.Optional.WinYahoo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|TopResultURLFallback, http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_16&param1=1&param2=fD4%26bDIE%26ccDfr%26paDWinYahoo%26cdD2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtB0Ezy0A0FyCyB0B0BtBtN0D0Tzu0StCtBtDtDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyE0AyE0FyBtCyEtGtDyCzzyCtGyCyB0AtAtGyDyCtBzztGyCtCzztBzz0DyDzy0E0EzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtA0ByByByB0ByCtG0C0F0EyEtGyEyCzytDtG0BtA0DtCtGyByCyCtCyDyD0E0E0AtBtDtC2QtN0A0LzutB%26crD1700130098%26aDwny_clu_15_16%26osDWindows 7 Home Premium&p={searchTerms}, [6fd80f871872b87e371f4892f50e54ac], %5
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-1756684970-1190328429-899826993-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_16&param1=1&param2=fD4%26bDIE%26ccDfr%26paDWinYahoo%26cdD2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtB0Ezy0A0FyCyB0B0BtBtN0D0Tzu0StCtBtDtDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyE0AyE0FyBtCyEtGtDyCzzyCtGyCyB0AtAtGyDyCtBzztGyCtCzztBzz0DyDzy0E0EzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtA0ByByByB0ByCtG0C0F0EyEtGyEyCzytDtG0BtA0DtCtGyByCyCtCyDyD0E0E0AtBtDtC2QtN0A0LzutB%26crD1700130098%26aDwny_clu_15_16%26osDWindows 7 Home Premium&p={searchTerms}, [f84f4155ccbe26100f46c2186b98857b], %5
PUP.Optional.WinYahoo.A, HKU\S-1-5-21-1756684970-1190328429-899826993-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|TopResultURLFallback, http://fr.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_16&param1=1&param2=fD4%26bDIE%26ccDfr%26paDWinYahoo%26cdD2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtB0Ezy0A0FyCyB0B0BtBtN0D0Tzu0StCtBtDtDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyE0AyE0FyBtCyEtGtDyCzzyCtGyCyB0AtAtGyDyCtBzztGyCtCzztBzz0DyDzy0E0EzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtA0ByByByB0ByCtG0C0F0EyEtGyEyCzytDtG0BtA0DtCtGyByCyCtCyDyD0E0E0AtBtDtC2QtN0A0LzutB%26crD1700130098%26aDwny_clu_15_16%26osDWindows 7 Home Premium&p={searchTerms}, [2621435309810f27b1a41bbf1de630d0], %5

Données du Registre: 0
(Aucun élément malicieux détecté)

Dossiers: 0
(Aucun élément malicieux détecté)

Fichiers: 2
PUP.Optional.WinYahoo, C:\Users\vince\AppData\LocalLow\Microsoft\Internet Explorer\Services\WinYahoo.ico, , [e067b4e2cebcd462cf8a0e65897c36ca],
PUP.Optional.WinYahoo.A, C:\Users\vince\AppData\Roaming\Mozilla\Firefox\Profiles\6s76vzxm.default\prefs.js, Bon: (), Mauvais: (user_pref("browser.startup.homepage", "http://fr.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_clu_15_16&param1=1&param2=f,[87c04155b4d60432cf295b078383bb45]D1%26b,[87c04155b4d60432cf295b078383bb45]DFirefox%26cc,[87c04155b4d60432cf295b078383bb45]Dfr%26pa,[87c04155b4d60432cf295b078383bb45]DWinYahoo%26cd,[87c04155b4d60432cf295b078383bb45]D2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtB0Ezy0A0FyCyB0B0BtBtN0D0Tzu0StCtBtDtDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyE0AyE0FyBtCyEtGtDyCzzyCtGyCyB0AtAtGyDyCtBzztGyCtCzztBzz0DyDzy0E0EzzyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0BtA0ByByByB0ByCtG0C0F0EyEtGyEyCzytDtG0BtA0DtCtGyByCyCtCyDyD0E0E0AtBtDtC2QtN0A0LzutB%26cr,[87c04155b4d60432cf295b078383bb45]D1700130098%26a,[87c04155b4d60432cf295b078383bb45]Dwny_clu_15_16%26os,[87c04155b4d60432cf295b078383bb45]DWindows 7 Home Premium");), %5

Secteurs physiques: 0
(Aucun élément malicieux détecté)

(end)