Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 15/12/2014 Scan Time: 11:33:37 Logfile: MB2.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2014.12.15.02 Rootkit Database: v2014.12.14.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: Administrateur Scan Type: Threat Scan Result: Completed Objects Scanned: 315070 Time Elapsed: 23 min, 56 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 10 PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1482476501-838170752-682003330-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [40deec77176544f29a38369908fa1de3], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [40deec77176544f29a38369908fa1de3], PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [001e9bc8d5a741f57ff6b323b74b4db3], PUP.Optional.DefaultTab.A, HKU\S-1-5-21-1482476501-838170752-682003330-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, Quarantined, [001e9bc8d5a741f57ff6b323b74b4db3], PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}, Quarantined, [7ca2f172a9d374c289bf8254bc46a35d], PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, Quarantined, [23fb491acbb11a1cc4850dc9b44eb54b], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SETUP.EXE, Quarantined, [cd51a0c3295353e3d8cece5aea1b19e7], PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Default tab, Quarantined, [8f8f2c3729533105f9ba3d15b1522cd4], PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DefaultTab, Quarantined, [e8360c5747356ccaf910e56f946f8b75], PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, Quarantined, [0f0f2241abd180b6394c405518ebc23e], Registry Values: 1 Adware.Gibmedia, HKU\S-1-5-21-1482476501-838170752-682003330-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|WinUsr, C:\Program Files\Winsudate\gibusr.exe, Quarantined, [16085d061d5f0432800f4fbbd430dd23] Registry Data: 2 PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify, 1, Good: (0), Bad: (1),Replaced,[7ea05e051a62fe382dec7af039cc9868] Broken.OpenCommand, HKCR\regfile\shell\open\command, "regedit.exe" "Good: (regedit.exe "Bad: ("regedit.exe" "%1"),Replaced,[ffffffffffffffffffffffffffffffff]")", %4, %5 Folders: 3 PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.Spigot.A, C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\qya8jmwo.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}, Quarantined, [0d11e083a5d7db5b5f1302403ec58977], Files: 16 PUP.Optional.DefaultTab, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabBHO.dll, Quarantined, [839b2340bebe4fe76ec280a2b64b5da3], PUP.Optional.DefaultTab, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabStart.exe, Quarantined, [79a5d98a2359b97d00308b9706fb8d73], PUP.Optional.DefaultTab, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabStart64.exe, Quarantined, [be60c69dd9a3082e3ff17ca6e21fdd23], PUP.Optional.DefaultTab, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabWrap.dll, Quarantined, [67b7362ddaa2a78fcb65de44966b9e62], PUP.Optional.DefaultTab, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabWrap64.dll, Quarantined, [908eabb8f98360d664cc9e84d72a5ba5], PUP.Optional.BundleInstaller.A, C:\Documents and Settings\Administrateur\Mes documents\Downloads\Setup (1).exe, Quarantined, [21fdfc676d0f82b480261315d035639d], PUP.Optional.BundleInstaller.A, C:\Documents and Settings\Administrateur\Mes documents\Downloads\Setup.exe, Quarantined, [cd51a0c3295353e3d8cece5aea1b19e7], PUP.Optional.InstallMonetizer, C:\Documents and Settings\Administrateur\Mes documents\Downloads\Colette Magny Mlocoton 1963__4150_il4958513.exe, Quarantined, [928c76ed7a0253e341e51a2c738ecd33], PUP.Optional.JumpyApps.A, C:\Documents and Settings\Administrateur\Mes documents\Downloads\UltimateCodec.exe, Quarantined, [df3f13500379bd798a8a1bc119eb03fd], PUP.Optional.JumpyApps, C:\Documents and Settings\Administrateur\Mes documents\Downloads\VideoConverterSetup.exe, Quarantined, [8e90cf94f18bc17599ca25b72ed66799], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\addon.ico, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabBHO.cfg, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DefaultTabUninstaller.exe, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\DT.ico, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\searchhere.ico, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], PUP.Optional.DefaultTab.A, C:\Documents and Settings\NetworkService\Application Data\defaulttab\defaulttab\uninstalldt.exe, Quarantined, [b965aeb5e5970a2c3b0faf8be023e51b], Physical Sectors: 0 (No malicious items detected) (end)