Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'examen: 26/07/2014
Heure de l'examen: 11:04:39
Fichier journal: rapport malwarebytes.txt
Administrateur: Oui

Version: 2.00.2.1012
Base de données Malveillants: v2014.07.26.04
Base de données Rootkits: v2014.07.17.01
Licence: Gratuite
Protection contre les malveillants: Désactivé(e)
Protection contre les sites Web malveillants: Désactivé(e)
Self-protection: Désactivé(e)

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: CeliaJulien

Type d'examen: Examen "Menaces"
Résultat: Terminé
Objets analysés: 325255
Temps écoulé: 21 min, 18 sec

Mémoire: Activé(e)
Démarrage: Activé(e)
Système de fichiers: Activé(e)
Archives: Activé(e)
Rootkits: Désactivé(e)
Heuristics: Activé(e)
PUP: Activé(e)
PUM: Activé(e)

Processus: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Clés du Registre: 4
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CE681A67-9477-CBE6-EB9D-FE534875F98D}, Mis en quarantaine, [3ddf594be19a2d090a3645163fc3e917],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlay-Air, Supprimé-au-redémarrage, [8d8f851f611a072f50672801fe06f60a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],

Valeurs du Registre: 2
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_fr_286, Mis en quarantaine, [1804cdd7e69590a6d24b79670002ca36],
PUP.Optional.FastStart.A, HKU\S-1-5-21-3730842371-1773311214-104553514-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Mis en quarantaine, [eb31b1f3d1aacc6abf24587612f0ae52]

Données du Registre: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Bon: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Mauvais: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Remplacé,[9d7f8222f68501350e98cce8ed172dd3]

Dossiers: 7
PUP.Optional.CrossRider.A, C:\Users\CeliaJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf, Mis en quarantaine, [021a485cd7a41422591008ba0bf7aa56],
PUP.Optional.CrossRider.A, C:\Users\CeliaJulien\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf\1.26.35_0, Mis en quarantaine, [021a485cd7a41422591008ba0bf7aa56],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.MultiPlug.A, C:\ProgramData\cosstminn, Mis en quarantaine, [4dcf228294e705316e225c6628da7789],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\cosstminn, Mis en quarantaine, [ec300d974e2d3bfbdfb2754df90932ce],

Fichiers: 49
Trojan.RotBrowse, C:\Users\CeliaJulien\AppData\Local\Temp\F85B.tmp, Mis en quarantaine, [829abaea403b14221b177726fc08bb45],
PUP.Optional.MultiPlug, C:\Users\CeliaJulien\AppData\Local\Temp\182982200\2736BTRx.exe, Mis en quarantaine, [40dc584cc5b6ac8aa169fba38c75ff01],
PUP.Optional.MultiPlug, C:\Users\CeliaJulien\AppData\Local\Temp\182982200\mJdDk2t54.exe, Mis en quarantaine, [a5775252473463d384834b531de451af],
PUP.Optional.MultiPlug, C:\Users\CeliaJulien\AppData\Local\Temp\182982200\r5IVNVpfVs50v.exe, Mis en quarantaine, [d6465d471f5c0a2c7891c5d93ec3936d],
PUP.Optional.crossRider.A, C:\Users\CeliaJulien\AppData\Local\Temp\nsh6EB5.tmp\Uzkgnivw.exe, Mis en quarantaine, [8f8d90145f1cfc3acf3068d7639d7d83],
Adware.Boxore, C:\Users\CeliaJulien\AppData\Local\Temp\is357113909\BoxoreInstaller.exe, Mis en quarantaine, [ea3213919be03df9b7686b3bb0507a86],
PUP.Optional.Babylon.A, C:\Users\CeliaJulien\AppData\Local\Temp\is357113909\DeltaTB.exe, Mis en quarantaine, [15079a0ae398b581802a749a0ef3d42c],
PUP.Optional.DealPly.A, C:\Users\CeliaJulien\AppData\Local\Temp\is357113909\dp.exe, Mis en quarantaine, [56c6950fc4b78caa69e2716be81c20e0],
PUP.Optional.Wajam.A, C:\Users\CeliaJulien\AppData\Local\Temp\is357113909\wajam_download.exe, Mis en quarantaine, [978530742f4c6cca8092113654ac18e8],
PUP.Optional.NewPlayer.A, C:\Users\CeliaJulien\AppData\Local\Temp\C969tmp\newvideoplayersetup.exe, Mis en quarantaine, [0814376d6b10e155abb8f295d22fc937],
PUP.Optional.SearchHijacker.A, C:\Users\CeliaJulien\AppData\Local\Temp\CDFFtmp\lly_webssearches.exe, Mis en quarantaine, [de3ea6fe8af11d192505197e5aa7fe02],
PUP.Optional.CrossRider.A, C:\Users\CeliaJulien\AppData\Local\Temp\CE00tmp\setup.exe, Mis en quarantaine, [eb31faaa304bfc3af9d53b102ad6a060],
PUP.Optional.Conduit.A, C:\Users\CeliaJulien\AppData\Local\Temp\4810tmp\spidentifierimpl.exe, Mis en quarantaine, [1606762e5922df57560198f424dd2ad6],
PUP.Optional.NewPlayer.A, C:\Users\CeliaJulien\AppData\Local\Temp\315Etmp\newvideoplayersetup.exe, Mis en quarantaine, [ba62aef6f784bc7aaeb5c3c4659c56aa],
Trojan.RotBrowse, C:\Users\CeliaJulien\AppData\Local\Temp\D11E4245-BAB0-7891-ACE1-14CBC6C71000\ccp.exe, Mis en quarantaine, [db41aafa1e5d65d14ee4e4b982829d63],
PUP.Optional.Babylon.A, C:\Users\CeliaJulien\AppData\Local\Temp\D11E4245-BAB0-7891-ACE1-14CBC6C71000\CrxInstaller.dll, Mis en quarantaine, [6ab2851faccf4cea943f2df4d52cbe42],
PUP.Optional.Delta.A, C:\Users\CeliaJulien\AppData\Local\Temp\D11E4245-BAB0-7891-ACE1-14CBC6C71000\MyBabylonTB.exe, Mis en quarantaine, [001c772da3d82c0a964000788a77e020],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI6976.tmp-\Smartbar.Installer.CustomActions.dll, Mis en quarantaine, [7ca0f8acd2a9ec4a10249d91916fe11f],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIE349.tmp-\Smartbar.Installer.CustomActions.dll, Mis en quarantaine, [dc403470fd7e1d193ef6a48a02fe40c0],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\GoogleCrashHandler.exe, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\GoogleUpdate.exe, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\GoogleUpdateBroker.exe, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\GoogleUpdateHelper.msi, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\GoogleUpdateOnDemand.exe, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\goopdate.dll, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\goopdateres_en.dll, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\npGoogleUpdate4.dll, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\psmachine.dll, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.299103\psuser.dll, Mis en quarantaine, [67b52b79dc9fa492ea88744ee41e2dd3],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\GoogleCrashHandler.exe, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\GoogleUpdate.exe, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\GoogleUpdateBroker.exe, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\GoogleUpdateHelper.msi, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\GoogleUpdateOnDemand.exe, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\goopdate.dll, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\goopdateres_en.dll, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\npGoogleUpdate4.dll, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\psmachine.dll, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.302366\psuser.dll, Mis en quarantaine, [bf5dd4d0d0ab0d29fb77d7ebdf2314ec],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\GoogleCrashHandler.exe, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\GoogleUpdate.exe, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\GoogleUpdateBroker.exe, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\GoogleUpdateHelper.msi, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\GoogleUpdateOnDemand.exe, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\goopdate.dll, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\goopdateres_en.dll, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\npGoogleUpdate4.dll, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\psmachine.dll, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],
PUP.Optional.GlobalUpdate.A, C:\Users\CeliaJulien\AppData\Local\Temp\comh.78402\psuser.dll, Mis en quarantaine, [52ca396b5a210e28571bebd7758de818],

Secteurs physiques: 0
(No malicious items detected)

(end)