Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 01/12/2016
Heure de l'analyse: 16:10
Fichier journal: MBAM2.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.12.01.10
Base de données de rootkits: v2016.11.20.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Activé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x86
Système de fichiers: NTFS
Utilisateur: Martine

Type d'analyse: Analyse personnalisée
Résultat: Terminé
Objets analysés: 400372
Temps écoulé: 2 h, 24 min, 9 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 8
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\AskPartnerNetwork, En quarantaine, [3cf2fee42e6caa8cb4efcf16ca37f40c],
PUP.Optional.OneSystemCare, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\One System Care, En quarantaine, [2b034a98a0fa6ccadf677dde3fc46c94],
PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [929ceff348524de97ab6aad08b774ab6],
PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1481A18B-FD58-450F-A752-38FECEE36CB5}, En quarantaine, [fe30766c16840c2a47e9bac0c83ad22e],
PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, En quarantaine, [83abe7fb1f7bc86e09274a305ba7e818],
PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET 
EXPLORER\SEARCHSCOPES\{47452B2A-BF0B-4475-AC55-4A2E4C092391}, En quarantaine, [54da479b3268b97d9898a7d3ae5417e9], PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, En quarantaine, [6bc3cd15603a53e3969a750525dd9b65], PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, En quarantaine, [002e954dbae0c5716ac6205a0af80cf4], Valeurs du Registre: 13 PUP.Optional.Binkiland, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files\WSE_Binkiland\\, En quarantaine, [37f7fce6207a43f3b548f28d808202fe] PUP.Optional.Ghokswa, HKLM\SOFTWARE\REGISTEREDAPPLICATIONS|ghokswa, SOFTWARE\Clients\StartMenuInternet\ghokswa\Capabilities, En quarantaine, [4ae44d95079300365941ce1439c816ea] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [929ceff348524de97ab6aad08b774ab6] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1481A18B-FD58-450F-A752-38FECEE36CB5}|URL, http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [fe30766c16840c2a47e9bac0c83ad22e] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, 
http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [83abe7fb1f7bc86e09274a305ba7e818] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, http://myhome.vi-view.com//favicon.ico, En quarantaine, [d45a568c48525dd975bbbcbe00027888] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{47452B2A-BF0B-4475-AC55-4A2E4C092391}|URL, http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [54da479b3268b97d9898a7d3ae5417e9] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [6bc3cd15603a53e3969a750525dd9b65] PUP.Optional.ViView.ShrtCln, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, http://myhome.vi-view.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD3200AAKS-75L9A0_WD-WMAV2Y59765597655&ts=1424164862&type=default&q={searchTerms}, En quarantaine, [002e954dbae0c5716ac6205a0af80cf4] PUP.Optional.ASK, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{47452B2A-BF0B-4475-AC55-4A2E4C092391}|FaviconURL, http://www.search.ask.com/favicon.ico, En 
quarantaine, [949a02e0a6f4d363145d20b11fe333cd] PUP.Optional.OneSystemCare, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\ONE SYSTEM CARE|OSID, 6.1, En quarantaine, [e945c51dfaa0ec4a4c686a2a6f9313ed] PUP.Optional.OneSystemCare, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\ONE SYSTEM CARE|AdvertsLink1, http://dl.softservers.net/121002389/DriverPro.exe, En quarantaine, [0826d70b71295fd73a7914807c8653ad] PUP.Optional.OneSystemCare, HKU\S-1-5-21-2787963296-4269164344-169216427-501\SOFTWARE\ONE SYSTEM CARE|AdvertsLink2, http://dl.softservers.net/171002389/LiveSupport.exe, En quarantaine, [a9856e747a202016397a880c808260a0] Données du Registre: 0 (Aucun élément malveillant détecté) Dossiers: 3 PUP.Optional.Everything, C:\Users\Martine\AppData\Everything, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin, En quarantaine, [e14d03df584296a0f4929cecc04260a0], Fichiers: 55 FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\0F06C9F8B78819C7.vir, En quarantaine, [4ae4edf55e3c62d47adc5371b947d030], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\1F4BC54C06579635.vir, En quarantaine, [34fac61cd8c21e18c09684402bd5f20e], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\8044C1DB10587918.vir, En quarantaine, [26087a680b8f7cbad68080443ec29d63], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\8A28AC78BBECA30F.vir, En quarantaine, [c26c7c662b6f3df9d38302c29f610df3], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\91FB79370673D61E.vir, En quarantaine, [fc325989dac072c40d4919abc937748c], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\E0F56A1C42CF1B8B.vir, En quarantaine, [f33b954d6f2bf93d154150747789728e], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\E6914D0E624FBB0D.vir, En quarantaine, [e7470bd7d3c7ba7c70e6f8ccac54cd33], FraudTool.YAC, 
C:\ProgramData\RogueKiller\Quarantine\F22AAD52CB544966.vir, En quarantaine, [4de124beb6e4132384d2655f37c98d73], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\FAEA139743070EF3.vir, En quarantaine, [df4f855d534711256beb4d77a15f19e7], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\434241FC9697983A.vir, En quarantaine, [e6481fc378222412470f3d8712ee25db], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\4F49B6CD214C8615.vir, En quarantaine, [042aa63c3a60f73f4f075c687d839b65], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\4FEC0FA60EBBB7AE.vir, En quarantaine, [27079d456b2fc670c78fd9eb39c7b749], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\D6533142012118E4.vir, En quarantaine, [f43a657d2773e25457ff4480f9078d73], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\B3634A61A95631AC.vir, En quarantaine, [1618c41e1b7f58de3224962ee61a8977], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\BF79395E2EB432B3.vir, En quarantaine, [9e9060829bffec4a69ed378dc63ab848], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\54ACBABDDBFC577A.vir, En quarantaine, [c6681fc3a7f380b6ed69873dd42c748c], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\5BD59BDADB4E7E83.vir, En quarantaine, [1c125c86abef35010056bc0837c9ca36], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\5CDA3C6FFD4E1C62.vir, En quarantaine, [9e90637f6b2f270f58fefbc9689811ef], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\2C6A3C53D8A031F7.vir, En quarantaine, [7eb06c767a20d95dc294883cd927827e], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\3050B7642538EF28.vir, En quarantaine, [1f0f06dc5a4081b5272f8044de228b75], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\39CE650B85C42EEB.vir, En quarantaine, [f836a83aaceedf576cea556f817ff30d], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\9DE30C5135A27E2C.vir, En quarantaine, [181619c979215fd761f58e36c0401fe1], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\B045AC76C8B187BF.vir, En quarantaine, 
[81adb72be4b6a88e2c2a5371ad53b44c], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\18A1672337D360C8.vir, En quarantaine, [52dcc1215b3f8aaca9adebd941bf8779], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\D6BF5A7B70F8DBB0.vir, En quarantaine, [7bb380623664191d7fd7893b17e9ce32], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\D9AEA162845CCD7D.vir, En quarantaine, [b37beff3edad1125bb9b497beb154eb2], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\75859F631287506B.vir, En quarantaine, [4de125bd23770c2a470fa81cf50b34cc], FraudTool.YAC, C:\ProgramData\RogueKiller\Quarantine\7ACAB4D586265AF2.vir, En quarantaine, [76b8eff3376342f4b1a5695b748cb44c], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\uninst.exe, En quarantaine, [c866edf5e0baac8a5a59369310f07090], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\config.ini, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\everything.exe, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\SearchBase.db, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\SearchBase.exe, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\bing.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\google.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\search_config.ini, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\SFK.ini, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\SFKEX.ini, En quarantaine, [e14d03df584296a0f4929cecc04260a0], 
PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\net_search\yahoo.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\bing.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\caret.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\FileListItem.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\FileListItem_bing.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\FileListItem_google.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\frame.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\frame2.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\google.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\guide.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\icon_search.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\mainpanel.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\MainPannel.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\panel_base.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\search_content_list.png, En quarantaine, 
[e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\WndMask.xml, En quarantaine, [e14d03df584296a0f4929cecc04260a0], PUP.Optional.Everything, C:\Users\Martine\AppData\Everything\skin\yahoo.png, En quarantaine, [e14d03df584296a0f4929cecc04260a0], Secteurs physiques: 0 (Aucun élément malveillant détecté) (end)